and the following guide is for the average user looking to increase their overall privacy
the difference between this guide and most others is that i've used every program or process i note here: when i find something new i add it here
the subject of privacy is a massive one at that so i've attempted to break down some of the essentials:
general online privacy: spyware protection, general tips, scam alerts etc
p2p privacy: more secure apps, apps that don't have adware etc
using proxies: with web browsing and p2p apps
my goal is not for these guides to be a giant list of links but rather an ongoing guide of programs myself and other peeps use successfully on a regular basis.
while security and privacy have their obvious common links this section illustrates overall privacy, sometimes not being limited to the online arena.....
we encourage peeps to post any information/news/guides that relate to privacy in this section
and good sites to keep an eye on
http://www.eff.org/
http://www.stopillegalspying.org/
http://www.privacydigest.com/
http://www.chillingeffects.org
http://www.privacyrights.org/
http://www.patriotwatch.org/
http://www.epic.org/
http://www.thememoryhole.org/
http://www.computercops.biz/
http://www.antiphishing.org/
http://dridentity.com/blogs/dr_identity/
in german (from sabu):
http://www.gulli.com
the fight for privacy isn't just about the internet although that is where a lot of the concerns lie
info on consumer privacy in general
http://www.consumerprivacyguide.org/
in general think twice before granting firewall access to microsoft etc related progs/ look for alternatives to windows media player etc
stay in the habit of granting one time internet access to progs you use but are corporate related- in other words don't grant unlimited firewall access to progs unless you trust them lol
please contribute your experiences with other privacy progs and the like- just post in this general section!
general online privacy
first and foremost before you remove any kind of software or files backup your drives and/or registry- more info in general here http://windowsxp.mvps.org/registry.htm
this may seem like an obvious thing but think about what kind of program you're installing and always scan thru the user agreement- plenty of people are so anxious to start up a new filesharing application for example they don't realize they could be declining the adware/spyware from being installed in the first place. stay away from all browser toolbars!
also this guide is not meant to replace the security sections! comprehensive guides from moore can be found at http://www.bluetack.co.uk/forums/index.php...hp?showforum=10 and security discussion at http://www.bluetack.co.uk/forums/index.php...hp?showforum=11 firewalls are covered in those sections but if you stick with agnitum outpost or sygate pro you should be good.
don't rely on windows firewalls:
http://www.grc.com/lt/leaktest.htm
QUOTE
WinXP's built-in firewall does not attempt to manage or restrict outbound connections at all. It appears to be a useful firewall for hiding the machine from the Internet (it has "stealth mode" unsolicited packet handling), but you will still need to use a good third-party personal firewall if you wish to manage and control outbound connections from your system
you need to check out our malware forums
http://www.bluetack.co.uk/forums/index.php?c=28
to keep things simple i suggest the following basics:
1) a good firewall like agnitum outpost (or jetico if you're not a big p2p user)
2) an antivirus like grisoft's avg free (or AntiVir Personal Edition Classic or Alwil Software Avast Home Edition)
http://free.grisoft.com/freeweb.php/doc/2/
3) for adware and spyware use spybot and its immunize function, resident tea timer option and more (explained below) and
4) for more thorough spyware removal this online scan http://www.spywareinfo.com/xscan.php
5) if things are really bad kaspersky's free online scan- takes a few hours http://usa.kaspersky.com/services/free-virus-scanner.php
6) if you use p2p then you either need to import the blocklists to your firewall if it's capable of doing so or use protowall or peerguardian
7) use index.datsuite to clean up all index.dats at work and at home (info below)
below you will find expanded info on the above and other important programs
for anyone who uses a pc (especially for those who use a system at work) you'll want to clean up the index.dat (i would regardless of what you do for the sake of privacy because the it ppl check it!) other progs and cleaning out cookies and such do not cover the index.dat files!
download page:
http://support.it-mate.co.uk/?mode=Product...=index.datsuite
thanks moore!
help page here http://support.it-mate.co.uk/?mode=Product...ex.datsuite#134
once installed go to tools>settings and pick what you want done (eg cleaning logs etc). then after that back to programs>index.dat and choose the automatic option and it will take it from there
tips from faq for index.datsuite:
Q. Will deleting the index.dat files, harm my PC?
A. No. Deleting the index.dat files simply deletes the files, nothing else. After deleting them, Windows will re-create fresh blank copies of them.
don't delete the PCHEALTH index.dat file (Deleting this file will prevent the System Information tool working (it will instead, load the Help and Support files)
pestpatrol: known false positive within PestPatrol and should be ignored
Runtime Error 75 message and a McAfee trojan alert when generating the batch file: This is a known issue and is caused by a false positive in McAfee
Q. The batch file is not deleting all of the index.dat files, help!
A. This problem is confirmed on XP SP2. Unfortunately however, the cause is at present, unknown.
As a work-around, this can be rectified by editing the batch file prior to its being used. To do this, open the batch file in Notepad™ or similar and encase the paths in quotes, for example;
del C:\Docume~1\<Username>\Cookies\index.dat
Becomes
del "C:\Docume~1\<Username>\Cookies\index.dat"
Q. Why aren't the Temporary Internet Files, Cookies and History etc, cleared as well?
A. These items will only be deleted if you ask Index.dat Suite to do so in the Settings options.
in addition to the below progs you'll want a browser cleaning prog like window washer- otherwise let me know if you find good freeware!
free trial for window washer info http://www.webroot.com/
firewalls:
for maximum protection you want a firewall you can import ips en masse - your best bet is agnitum outpost
if you're not as concerned and don't use p2p here's a good free firewall:
http://www.jetico.com/jpfwall.exe
(thanks deathdrone!)
also as far as comodo goes their company does work for law enforcement etc:
http://www.comodo.com/news/press_releases/23_05_07.html
http://www.bluetack.co.uk/forums/index.php?showtopic=15485
here are links to good test/scans on firewalls:
basic:
http://www.firewallleaktester.com/leaktest1.htm
stealth test:
http://www.pcflank.com/scanner1s.htm
many others listed to the left
http://www.firewallleaktester.com/
antivirus programs
there's no need to pay for av protection- check these out as they were rated as of 2006 by pcworld
(i'm still using avg free and have since 2001)
AntiVir Personal Edition Classic 6.32
score 78/100
http://www.free-av.com/
Alwil Software Avast Home Edition
score 77/100
http://www.avast.com
Grisoft AVG Free Edition 7.1 (newer one is 7.5)
score 73/100
http://free.grisoft.com/
spyware/adware etc
great, free online spyware removal
http://www.spywareinfo.com/xscan.php
kaspersky online virus scan
http://usa.kaspersky.com/services/free-virus-scanner.php
hosts files:
kimberly's comprehensive hosts list which can be found here.... http://www.bluetack.co.uk/forums/index.php?showforum=65
(props to rooted for his work on this previously)
rootkit detection and prevention
check the forum link from member anti-spyware
http://www.bluetack.co.uk/forums/index.php...c=15676&hl=
spybot search and destroy:
here's the link http://www.safer-networking.org/
and the download page http://www.safer-networking.org/index.php?...p?page=download
pc world notes it is not the best prog out there but it is free and the immunize function is well worth the use
http://www.pcworld.com/downloads/file/fid,...escription.html
there is an option to download the tools update if you have problems updating within the program. after installation make a desktop shortcut for the advanced mode.
after you've updated click on the immunize option (helps stop adware,spyware before it's installed), then click install to block bad pages silently (blocks bad downloads) and under misc. protections make sure "Lock Hosts file" is checked and "Lock IE start page" as well.
have a look at the many tools available (only can be seen when using the advanced mode) including the hosts file option which will block known advertisements and the like. click "add spybot s&d hosts file list" and notice there is an option to remove the hosts list if you choose.
resident- found in tools section- check both options- sd helper and tea timer- this won't cover rootkits fyi but a good prog/tool.
secure shredder- use this on files you're never going to want to see again. drag any file into the secure shredder option and then click "chop it away" and you're done. set # of shreds to 35.
there are a lot of other options/tools so check them out including system start up info and the like...
under settings you can choose to have spybot start on system startup etc and under web update choose automatic update if you have an ongoing internet connection...
to scan click on Spybot S&D from wherever you may be and then "Check for problems" in the lower left. keep in mind whatever you end up removing can be undone if you are experiencing problems with a program.
if you have trouble updating spybot within the program then try changing the download mirror/location- to the right of the "download updates" option choose another download location and you should be fine...
if you have any problems read the help tutorial within the program and check out the support page http://www.safer-networking.org/index.php?page=support
for those looking for more extensive wipes use anything which wipes 35 times (gutmann)- deepdelete is no longer supported so not suggested for use
spyware blaster:
for added protection against activex you'll want to check out http://www.javacoolsoftware.com/spywareblaster.html
i don't use this anymore but it's still good ( i use a good av, spybot and the spywareinfo online scan)
after installation go to update and then under all the spyware database listings click select all to start off and then "protect against checked items"- you can always scroll down thru the selections to deselect any of them. keep in mind that spyware blaster is a preventative measure so there are no scans to run as that is what spybot is for...
if you change any of the settings (which i haven't yet) then just click save
the system snapshot option is advisable only if you've already used spybot to clean your system and a program like window washer...you can restore your browser settings and the like if you've created a snapshot
here are their simple directions
Enabling the powerful protection of SpywareBlaster is easy:
1.) Open SpywareBlaster
2.) Press the "Select All" button
3.) Press the "Protect Against Checked Items" button
4.) Exit the program - you're done!
SpywareBlaster does not need to remain open for its protection to be active!
Simply use the Check for Updates feature at least once a week to download the latest protection, and use the same steps above to enable protection for all new items.
hijackthis
use it to show what has been attached to your system-
use all spyware removal tools at your disposal before messing around with hijackthis
i don't suggest deleting anything until someone who knows what they're doing tells you! head to the malware support forum when in doubt
always backup your system before messing with the registry
info about hijackthis at our Malware Removal Support Forum
http://www.bluetack.co.uk/forums/index.php?showtopic=9036
main info link for hijackthis here: http://www.spywareinfo.com/downloads.php?cat=sp#det
direct dl link:
http://www.spywareinfo.com/~merijn/files/HijackThis.exe
to see if a hijack entry is legit go to http://www.castlecops.com/bho-f.html
web browsers:
why you should consider dumping the explorer browser:
http://www.techworld.com/news/index.cfm?newsid=944
consider an alternative to the explorer browser
Mozilla Firebird
http://www.mozilla.org/products/firefox/
it's one i currently use- good stuff so far
trojan protection etc
great diamond cs products- free trials
Process Guard
DiamondCS Process Guard is an advanced security system that protects both system and security processes (as well as user-defined processes) from attacks by other processes, services, drivers, and other forms of executing code on your system. Although Process Guard is a very powerful program due to its low-level nature, its intuitive graphical interface actually makes it very easy to use for both novice and advanced users alike.
Port Explorer
Port Explorer is an advanced network tool that is easy to use but very powerful that allows you to look at the network/Internet connections of your computer in a way you never have before. It is most famous for its precision port-to-process mapping capabilities, but it has many other capabilities including hidden server detection (allowing you to detect most remote access trojans simply by looking at the display to see red sockets), a packet-sniffer (you can even spy on individual sockets), as well as 7 unique utilities.
Wormguard 3
WormGuard is the future of worm detection. Using generic detection techniques combined with heuristic detection rules to isolate worms, WormGuard is able to identify most worms without requiring any databases. One of the powerful features of WormGuard is its Execution Protection capability. As soon as you run a file, WormGuard intercepts and analyses the file, and if a possible worm is found you'll be alerted and the run will be aborted, preventing any infection from occurring. Make worms a worry of the past with WormGuard!
and diamond cs freeware!
http://www.diamondcs.com.au/index.php?page=products
________________________________________________________________________________
p2p privacy:
using just a firewall is not enough to protect you from p2p monitoring- import the blocklists to a firewall or use protowall or peerguardian
protowall
remember if you're a windows xp user check out protowall and remember it's not a substitute for a personal firewall: http://www.bluetack.co.uk/forums/index.php?showforum=127
don't forget the blocklist manager! http://www.bluetack.co.uk/forums/index.php?showforum=140
for the blocklists i would use all sources including iana even if you're behind a router- i only need 4 iana ips for my router to work (add them as exclusions)- better safe than sorry if someone tried to spoof an iana ip to access your system- if that's too much then disable the iana source.
keep in mind the protection is only as good as the ips we have put in the lists so don't think it's foolproof as we have yet to figure out the bigger picture as far as anti p2p tracking etc
protowall help for 2.0 etc- follow it verbatim
http://www.bluetack.co.uk/pwhelp/
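to make the "blocklist plus exclusions" idea above concrete, here is an added example (not protowall, peerguardian or blocklist manager code) of how a range list and a short exclusion list decide whether a peer ip is allowed. it assumes the plain-text `label:first-last` range format, and every range, label and address in it is constructed sample data:

```javascript
// Added example: IPv4 range blocklist with exclusions (all sample data is constructed).

// Convert dotted-quad IPv4 text to an unsigned 32-bit number; null if malformed.
function ipToInt(text) {
  var parts = String(text).trim().split(".");
  if (parts.length !== 4) return null;
  var value = 0;
  for (var i = 0; i < 4; i++) {
    if (!/^\d{1,3}$/.test(parts[i])) return null;
    var octet = Number(parts[i]);
    if (octet > 255) return null;
    value = value * 256 + octet;
  }
  return value;
}

// Parse "label:first-last" lines. Labels may contain ':' so split on the last one.
// Blank lines and '#' comments are ignored; malformed lines are counted, not trusted.
function parseBlocklist(text) {
  var ranges = [], skipped = 0;
  text.split(/\r?\n/).forEach(function (line) {
    line = line.trim();
    if (line === "" || line.charAt(0) === "#") return;
    var colon = line.lastIndexOf(":");
    var span = line.slice(colon + 1).split("-");
    var first = span.length === 2 ? ipToInt(span[0]) : null;
    var last = span.length === 2 ? ipToInt(span[1]) : null;
    if (colon < 1 || first === null || last === null || first > last) { skipped++; return; }
    ranges.push({ label: line.slice(0, colon), first: first, last: last });
  });
  ranges.sort(function (a, b) { return a.first - b.first; });
  return { ranges: ranges, skipped: skipped };
}

// Decide what to do with a peer address. Exclusions win over the blocklist,
// and an address that cannot be parsed is blocked (fail closed).
function checkPeer(ip, blocklist, exclusions) {
  var n = ipToInt(ip);
  if (n === null) return { action: "block", reason: "unparseable address" };
  if (exclusions.map(ipToInt).indexOf(n) !== -1) return { action: "allow", reason: "exclusion" };
  for (var i = 0; i < blocklist.ranges.length; i++) {
    var r = blocklist.ranges[i];
    if (r.first > n) break; // sorted by start, so nothing later can match
    if (n <= r.last) return { action: "block", reason: r.label };
  }
  return { action: "allow", reason: "not listed" };
}

// Constructed sample list, including one broken line and a reserved range.
var SAMPLE_LIST = [
  "# constructed sample, not a real blocklist",
  "Example monitoring org:198.51.100.0-198.51.100.255",
  "Example proxy range: pool A:203.0.113.16-203.0.113.31",
  "IANA private (sample):192.168.0.0-192.168.255.255",
  "broken line:203.0.113.300-203.0.113.301"
].join("\n");
var ROUTER_EXCLUSIONS = ["192.168.1.1"]; // assumed router address

var sampleBlocklist = parseBlocklist(SAMPLE_LIST);
["198.51.100.7", "192.168.1.1", "192.168.1.50", "192.0.2.5"].forEach(function (ip) {
  var verdict = checkPeer(ip, sampleBlocklist, ROUTER_EXCLUSIONS);
  console.log(ip + " -> " + verdict.action + " (" + verdict.reason + ")");
});
```

the exclusion list stays as short as possible: everything else inside the reserved range is still blocked, and the broken line is skipped and counted rather than guessed at.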
recommended p2p app links:
soulseek is poopware free (music p2p)
http://www.slsknet.org/
emule
http://www.emule-project.net/
shareaza
http://www.shareaza.com/
freenet
http://freenet.sourceforge.net/
filetopia:
http://www.filetopia.org/
ares:
google it
p2p apps you should avoid like the plague:
(i.e. don't use them)
KaZaa
Limewire
Audiogalaxy
Bearshare (offers a paid version without spyware)
Imesh
Morpheus
Grokster
Xolox
Blubster
Piolet
OneMX
FreeWire
there's a more comprehensive list here but there are some minor errors- for instance ares is only adware free if you decline navhelper during setup- also you can run spybot and remove the ares crap and use it w/o problems- here's the list: http://www.spywareinfo.com/articles/p2p/
i know i don't have bittorrent and others listed but they are too risky imo and are wide open to monitoring- an effort must be made to promote more secure filesharing apps and bittorrent goes in the opposite direction...
from spyware info:
Regarding BitTorrent
BitTorrent is an open source program distributed under a license that allows for repackaging and distribution. Unfortunately, a company named Unify Media Ltd http://www.unifymedia.com/ has decided to distribute a version infected with the C2Media/Lop parasite http://www.doxdesk.com/parasite/lop.html. We strongly recommend that you download BitTorrent only from the official web site:
http://bitconjurer.org/BitTorrent/
annoyed by fake files? check out http://sharethefiles.com/forum/ great info on p2p and hash links so you know you're dl a legit file
________________________________________________________________________________
using proxies:
like anything online proxies can give you a false sense of security- my overall suggestion would be to encrypt / password protect your hard drives, import blocklist ips to your firewall, use protowall and help out the ip gathering effort!
i personally would block proxy ip ranges as you never know who's behind them! it is a complex issue though whether or not using proxies in general is better than trying to control things on your end with blocklists etc- ultimately either the proxy company/server owner or your isp will find out what you're up to if they really want (they just need to check their logs) make sure you password protect your hard drives!
keep in mind with overall proxies like socks you won't be able to block ips from the blocklists- the point here is that ip blocking with protowall or pg is a secondary measure at best because we heavily rely on arin, ripe, apnic etc to indicate the ip owners of ranges so if you're truly paranoid and/or have been busted for sharing files you'll want to consider a program like anonx to use with p2p
for the following you can use hiproxy for anon web browsing, ftp, email etc but not for p2p as far as i know
lots of options here and you have to be careful which proxy servers you're using!
be careful if you rely on disabling microsoft vm java coz i'm noticing that the setting likes to reset to high from disabled and i need that disabled to be completely anon with http
test your ip regularly to see if the proxy you're using is hiding your real ip- check all numbers mentioned
http://www.stayinvisible.com/index.pl/test...your_ip_nocache
currently i'm using the trial version of HiProxy
note that these programs won't cover using p2p apps - you need to use the socks option within the p2p if it's offered- check below for more info
hiproxy http://hiproxy.com/index.html
shareware- limited auto import abilities as far as proxy numbers etc but that doesn't bother me coz it's hard to find a lot of good anonymous proxies anyways- you can manually add as many proxies as you want (just right click)
i use the socks connection option and have "all4" "auto" "local" and "ie proxy" checked (i don't check java coz it changes my disable java to high security and that messes with my anonymity!)
http works, emails from my yahoo acct don't show my ip in the headers
so once you've installed hiproxy it's time to find anonymous proxy servers to import- keep in mind you can't just use any server number coz it could belong to a corporation or government you don't want to go near
for anonymous proxies see http://www.stayinvisible.com/index.pl/proxy_list
(i'm not wild about the idea of posting specific proxies to use in this forum so best to use the above resource and do a whois on any server you end up using)
instructions for hibrowser
1.default connection is lan (good if you're on cable/dsl, if not then change it)
i choose to keep hiproxy open/minimized as a window but you can close it out and your browsing should be ok- i like to keep it handy as a reminder...
2.select import
3.import proxies
4.download
5.then highlight an ip/server
6.in the bottom right click the following options: auto, ie proxy, local, all4 (not java if you disable java vm)
7.click on the socks button
8.then click yes for all questions etc
9.then in bottom right corner click apply/open ie
10.then page will open up
11.click on verify http (that will show you the speed of your browser so if it's not going that fast i would try another ip/server- use the same process for each one)
12.every time your system is restarted you should go over 6-11
then test your ip by going to http://www.stayinvisible.com/index.pl/test...your_ip_nocache
make sure both numbers listed are not your real ip
make sure to delete the ips/servers that are too slow- then you can save your setup- because this is shareware you're limited to 5 ip imports
note: you need to disable java as described above to be anonymous- specifically disable microsoft vm java
also i don't recommend having proxies enabled when you do online banking or paypal for instance- not only will it send up warning signals to them it's not necessary if they have secure access (also paypal sends a warning email if you use a "foreign" proxy and they ask if you are out of town- it gets annoying if you have )- the real purpose for proxies imo is for anonymous web browsing and the like...
to go from proxy mode to regular mode just go to internet options, connections, lan settings, unclick "use auto config script" and click "auto detect settings" , close out hiproxy, and empty/clean your browser settings
remember to follow steps 6-11 above after you click back to "use auto config script" to be anonymous again
general hiproxy faq: http://hiproxy.com/index.html
Note from hiproxy:
HiProxy Browser settings (below the proxy list) apply only to your browser, not to other Internet applications like P2P. Usually Internet applications have their own proxy settings, unrelated to the browser. What you can do is copy a verified Socks proxy from the list (right-click on proxy's IP and select "copy cell"), then paste it in your P2P program proxy settings.
Also, check http://hiproxy.com/faq.htm#socks on how to use easily available HTTP proxies as substitute to Socks.
note for non microsoft/ie browser users:
You can find Mozilla etc instructions at http://www.hiproxy.com/help23.htm
open mozilla, go to tools, options, general
click connection settings
click auto proxy config
and copy paste the location of the proxy files in hiproxy (eg file:///C:\PROGRAM FILES\HIPROXY\autoproxy.pac)
click ok
and test
The URL should be:
file:///C:\PROGRAM FILES\HIPROXY\autoproxy.pac
It is a common error to forget the file:/// prefix.
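an auto proxy config file like autoproxy.pac is just a small javascript file with one function the browser calls for every request. the following is an added example, not the file hiproxy generates: it sends normal browsing through a socks proxy and keeps banking/paypal and local addresses direct, as suggested earlier in this guide. the proxy address and bank.example are placeholders:

```javascript
// Added example PAC file. The proxy address and "bank.example" are placeholders.
var SOCKS_PROXY = "SOCKS 192.0.2.10:1080";            // placeholder: your verified socks proxy
var DIRECT_SUFFIXES = ["paypal.com", "bank.example"]; // sites that should see your normal ip

// True when host equals the suffix or is a subdomain of it.
// A dot boundary is required so "notpaypal.com" does not match "paypal.com".
function hostMatches(host, suffix) {
  host = host.toLowerCase().replace(/\.$/, ""); // ignore case and a trailing dot
  if (host === suffix) return true;
  var tail = "." + suffix;
  return host.length > tail.length && host.slice(-tail.length) === tail;
}

// Plain names ("router") and private/loopback ip literals stay on the lan.
// Only real ip literals are checked, so "10.example.com" is NOT treated as local.
function isLocalHost(host) {
  if (host.indexOf(".") === -1) return true;
  if (!/^\d{1,3}(\.\d{1,3}){3}$/.test(host)) return false;
  return /^(127|10)\./.test(host) || /^192\.168\./.test(host);
}

// Called by the browser for every request; the returned string picks the route.
function FindProxyForURL(url, host) {
  if (isLocalHost(host)) return "DIRECT";
  for (var i = 0; i < DIRECT_SUFFIXES.length; i++) {
    if (hostMatches(host, DIRECT_SUFFIXES[i])) return "DIRECT";
  }
  // No "; DIRECT" fallback is listed, so this script never asks the
  // browser to retry without the proxy when the proxy is unreachable.
  return SOCKS_PROXY;
}
```

after loading a file like this, run the same ip test as above: the test page should show the proxy ip, while the sites in the direct list see your normal one.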
.....
this is by no means a comprehensive guide but more of an effort to simplify a complex subject- add your ideas and backup your claims in this section!
thanks!
ddd